Welcome to Cyber Security Today. This is the Week in Review edition for the week ending Friday September 24th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.
My guest commentator this week is Terry Cutler of Montreal’s Cyology Labs. He’ll be joining in a few minutes. But first a roundup of some of the bigger news from the past seven days:
Montreal-based voice over IP provider VoIP.ms struggled for much of the week with a sustained distributed denial of service attack that left customers across North America without phone service. This is one of the incidents Terry and I will discuss.
Another is the revelation that the FBI had penetrated the servers of the REvil ransomware gang this summer and got a decryption key that could have helped victim organizations. But instead of distributing the key the FBI held on to it for a couple of weeks because it hoped to take down the entire gang. Terry and I will discuss if that delay was justified.
We’ll also take a look at the misconfiguration by users of the EventBuilder platform for supporting webinars. Researchers discovered that information webinar attendees filled in when registering was left open on the internet. Hackers could have found and misused that data.
Ransomware attacks continue. The latest victims include two U.S. farming supply co-operatives. Crystal Valley had to shut its IT systems, preventing people from paying for grain. Earlier in the week NEW Cooperative was hit, with a reported ransom demand of almost $6 million. The BlackMatter ransomware gang reportedly threatened to double the ransom if the co-op continued to refuse to negotiate.
Separately, a cybersecurity firm that has assembled a database of stolen login credentials being marketed over the years by cybercrooks says over 600 of the credentials on its list apparently were from current or former NEW Cooperative employees. One popular password used by 120 staff was ‘chicken1.’ That password is logical – although a security risk – when you realize poultry feed is one of NEW Cooperative’s big products. It isn’t known if a bad password helped the NEW Cooperative ransomware attack.
Coincidentally, a cybersecurity…